Why Do Console Switches Offer Multiple Different Types of Security and Authentication?
When one looks at the incredible variety of different applications for network based technology, it’s not surprising that there are also an incredible variety of differing security needs for network equipment. And since a console switch is designed to provide secure, remote access to a variety of different types of network equipment, it follows that a console server should also be compatible with a variety of different types of security measures.
Network equipment is now used in almost every facet of our modern lives. Everything from traffic lights to ATM machines depend on secure network communication, and each application requires a different level and type of security and authentication. Some applications, like those related to financial transactions, require extremely tight security to protect access to accounts and to keep private information from prying eyes. Other applications require less security, but still require some type of protection, even if it’s just a simple password entered at login.
On the lower end of security needs, IP Filtering and password protection are often called on to provide minimal protection to devices that are not normally subject to hacking. IP Filtering involves blocking specific addresses from access to command functions or ensuring that only one or two specific IP addresses are allowed access. Everyone is familiar with password protected access these days, we’ve all seen it used in everyday applications such as entry codes and ATM codes, but many users don’t realize that it can also be used to track user activities after log in.
Applications that are based on out of band, modem communication often rely on both a password and a dial back security feature. In dial back security, the user first dials the remote modem and is prompted to enter a password. If a correct password is received, the console switch then hangs up, and dials the user back at a phone number that has been predefined for the password entered during log in. This provides two-tier security, where the user first has to enter a password, and then has to be present at the dial back number in order to receive the call from the console switch and be granted access to command functions.
For applications that require greater security, authentication programs such as TACACS, LDAP, Kerberos and RADIUS are often employed to make certain that each user is who he or she claims to be. Typically, authentication programs allow you to predefine a list of access rights, passwords, attributes and membership types for a group of users, and then share that list with other user-specified devices in order to allow organization-wide access.
In addition to security and authentication features, many console switch products also allow you to set up alarms, to notify you when suspect log in activity is detected. For example, WTI TSM and RSM console switch products can notify you via email, SNMP or Syslog when excessive invalid logon attempts are detected.
When selecting a console switch for your network application, security is always a primary concern. That’s why it’s important to choose a console switch that provides a variety of different security and authentication measures to match the needs of your clients, your application and the various devices that comprise that application.
For over 30 years, Western Telematic, Inc. (WTI) has been an innovator in the field of remote management for IT facilities. Our comprehensive product line includes a wide range of Serial Console Server products, Switched PDU products and Remote Reboot Switch products to provide secure, remote management of servers, routers and other devices.
